The Perfect Server - Mandriva 2009.0 Free (i386) - Page 5
10 MySQL (5.0)
To install MySQL 5.0, we simply run:
urpmi MySQL MySQL-client libmysql15-devel
By default, networking is not enabled in Mandriva 2009.0's MySQL package, but networking is required by ISPConfig. We can change this by commenting out the line skip-networking in /etc/my.cnf.
Afterwards, we create the system startup links for MySQL...
chkconfig mysqld on
... and start it:
Now check that networking is enabled. Run
netstat -tap | grep mysql
The output should look like this:
[root@server1 var]# netstat -tap | grep mysql
mysqladmin -u root password yourrootsqlpassword
to set a password for the user root (otherwise anybody can access your MySQL database!).
11 Postfix With SMTP-AUTH And TLS; Dovecot
Install the required packages (Postfix, cyrus-sasl, Dovecot, etc.) like this:
urpmi cyrus-sasl libsasl2 libsasl2-devel libsasl2-plug-plain libsasl2-plug-anonymous libsasl2-plug-crammd5 libsasl2-plug-digestmd5 libsasl2-plug-gssapi libsasl2-plug-login postfix dovecot
postconf -e 'mydestination = /etc/postfix/local-host-names, localhost.$mydomain'
Then we set the hostname in our Postfix installation (make sure you replace server1 and example.com with your own settings):
postconf -e 'mydomain = example.com'
Edit /etc/sasl2/smtpd.conf. It should look like this:
The default authentication mechanism for saslauthd is pam, however on Mandriva 2009.0 there seems to be a bug. When you send an email, the first one goes through, and as soon as you try to send a second email, saslauthd dies. You can find messages like this one in /var/log/messages:
Oct 9 17:53:42 server1 saslauthd: server_exit : master exited: 4460
I've found the following workaround: open /etc/sysconfig/saslauthd...
... and change SASL_AUTHMECH from pam to shadow:
Create the SSL certificate needed for TLS:
chmod 600 smtpd.key
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
... and configure Postfix for TLS:
postconf -e 'smtpd_tls_auth_only = no'
Next we must configure Dovecot to serve the protocols imap, imaps, pop3, and pop3s. Open /etc/dovecot.conf and adjust the following values:
Now we must tell the system to start Dovecot only after ntpd has started because Dovecot isn't very forgiving if your system's time moves backwards while Dovecot is running (see http://wiki.dovecot.org/TimeMovedBackwards). This might cause errors like the following in your syslog:
Apr 9 19:29:18 server1 dovecot: Time just moved backwards by 17 seconds. This might cause a lot of problems, so I'll just kill myself now. http://wiki.dovecot.org/TimeMovedBackwards
Unfortunately, on Mandriva Dovecot is started before ntpd, so we change it like this:
Then we create the system startup links for Postfix...
chkconfig postfix on
... and (re)start Postfix, saslauthd, and Dovecot:
To see if SMTP-AUTH and TLS work properly now run the following command:
telnet localhost 25
After you have established the connection to your Postfix mail server type
If you see the lines
250-AUTH PLAIN LOGIN
everything is fine:
[root@server1 rc5.d]# telnet localhost 25
to return to the system's shell.
Dovecot uses Maildir format (not mbox), so if you install ISPConfig on the server, please make sure you enable Maildir under Management -> Server -> Settings -> Email. ISPConfig will then do the necessary configuration.
If you do not want to install ISPConfig, then you must configure Postfix to deliver emails to a user's Maildir (you can also do this if you use ISPConfig - it doesn't hurt ;-)):
postconf -e 'home_mailbox = Maildir/'